Explore tweets tagged as #ret2aslr
In RET2ASLR we can leak ASLR from the BTB in under a minute. Plz use the speculation control feature for userspace applications dealing with sensitive data.
2
3
30
This talk got old really fast, now we can do the same thing with return instructions! 🥳🤯😰.Check out RET2ASLR:
En la #Eko2022, @_esoj1 nos presentó una nueva técnica basada en Spectre v2 para abusar de los predictores de rama con el fin de eludir ASLR en las CPU de Intel, abusando de dos hechos: 1) el atacante puede contaminar el búfer de destino de la rama, y 2) las víctimas pueden
2
6
27
RET2ASLR - return instructions from other processes can leak pointers through the Branch Target Buffer (BTB) in a reversed spectre-BTI like scenario
1
5
2
RET2ASLR: las instrucciones de retorno de otros procesos pueden filtrar punteros a través del búfer de destino de rama (BTB) en un escenario similar a BTI de espectro invertido - #netsec #cybersecurity.
0
0
0
RET2ASLR - return instructions from other processes can leak pointers through the Branch Target Buffer (BTB) in a reversed spectre-BTI like scenario
0
0
0
New post: "RET2ASLR - return instructions from other processes can leak pointers through the Branch Target Buffer (BTB) in a reversed spectre-BTI like scenario"
0
0
0
RET2ASLR - return instructions from other processes can leak pointers through the Branch Target Buffer (BTB) in a reversed spectre-BTI like scenario via /r/netsec #cybersecurity #netsec #news.
0
0
0